Compliance Guidance - Medicare Advantage

On February 3, the U.S. Department of Health and Human Services Office of Inspector General (OIG) released new Medicare Advantage Industry Segment-Specific Compliance Program Guidance (MA ICPG).

The MA ICPG updates prior guidance that was issued 27 years ago and is designed to work alongside the Centers for Medicare & Medicaid Services (CMS) regulations requiring Medicare Advantage organizations to implement effective compliance programs.

When combined with the General Compliance Program Guidance (GCPG) issued in November 2023, the MA ICPG provides a centralized source of voluntary compliance program guidance for Medicare Advantage, identifying areas of risk and strategies entities can take to reduce that risk.

Compliance Risk Areas

1.     Access to Care (Network Adequacy and Prior Authorization)

Strategies include:

• Quarterly update and third-party verification of provider directory information

• Review claim submission volumes of in-network providers

• Review, track, and follow-up on provider complaints

• Perform time and distance analyses of contracted providers

• Review trends in claims and prior authorization denials

• Review any artificial intelligence or algorithm-based tools

 2.    Marketing and Enrollment

Strategies include:

• Avoid deceptive marketing, including improper financial incentives that influence enrollment

• Oversight of third parties conducting marketing on behalf of the organization, including review and approval of marketing and communication materials

• Monitor enrollment volumes outside of AEP and verify eligibility for special enrollment periods.

• Document fair market value determinations

• Review, monitor, and ensure accuracy of payment data and recipients, including third parties

• Provide marketing and enrollment compliance-focused training for agents, brokers, TPMOs, and employees

3.    Risk Adjustment

Strategies include:

• Implement audits of diagnosis data, before and after submission to CMS

• Review reporting of high-risk diagnosis codes

• Evaluate and oversee any in-home HRA or chart review programs

• Investigate allegations of risk adjustment coding fraud

• Education and training

 4.   Quality of Care

Strategies include:

• Ensure the integrity of the data used for Star Ratings’ quality and performance measures

• Ensure Medicare enrollees can access medically necessary care regardless of their location, identity, and other demographic factors

• Ensure network avoids providers who are excluded by OIG or who have suspended licenses

 5.   Oversight of Third Parties

Strategies include:

• Due diligence and risk evaluation on third parties before delegating Medicare program functions

• Include compliance rights and obligations in agreements with third parties

• Ongoing oversight of third parties based on risk evaluation

 6.   Compliance Programs Within Vertically Integrated Organizations and Other Ownership Structures

Strategies include:

• Ensure compliance leaders have sufficient expertise and have access to senior leadership

• Include MA functions in organization compliance risk assessments

• Implement systems and processes to ensure medical loss ratio is accurately calculated and verified

 7.   Submission of Accurate Claims

Strategies include:

• Assess exposure under the False Claims Act